26-Mar-2021 14:46
Hi experts,
I am trying to update my device certificates.
what is the difference between these 2?
System >> Certificate Management : Device Certificate Management : Device Certificate Signing Request >> server.csr
System >> Certificate Management : Traffic Certificate Management : SSL Certificate List >> New SSL Certificate (Then create using Certificate Authority)
This is because when I genereated CSR I used the 2nd one, I forgot to create it under the device certificate management.
Will this still work?
Thank you in advance.
28-Mar-2021 04:14
Hi there
As long as you have a valid certificate and key you can import them as a Decide Certificate. So if the subject names in the CSR also covers the FQDN of the device you want to have the certificate for it will work just fine.
Kind regards,
Patrik
31-Mar-2021 21:19
Thanks Patrick. it did work however I need to bundle the certificate (cert + chain + root).
01-Apr-2021 00:41
If you're running a newer device you can add the chain via the UI:
If running a v12 you can follow this guide:
https://support.f5.com/csp/article/K13302
07-Apr-2021 21:34
thank you, actually i got confuse with that but I am certain the CSR can be taken from any machine. Can also be taken from a winserver etc.
I just got confused why there are 2 ways to do it in F5. One that is dedicated for device management and another for app services.
but anyway I was able to get it working by bundling the cert, chain and root.
Installing the cert, chain and root separate in F5 it does not work.